Researchers Uncover Dangerous Adobe Reader Zero-Day Flaw

Security researchers have detected a dangerous Adobe Reader zero-day vulnerability being actively exploited in a series of targeted attacks.

Researchers at Milpitas, Calif.-based antimalware company FireEye discovered the zero-day flaw and say they have submitted it to the Adobe security team. Details are scarce about the nature of the vulnerability, but in a blog post, FireEye warned users to avoid opening any unknown PDF files until the issue is addressed.

The zero-day vulnerability is in Adobe PDF Reader 9.5.3, 10.1.5, 11.0.1 and earlier versions, according to FireEye. The two-pronged attack the firm detected includes a message and a mechanism for communicating with a remote server, FireEye said in a blog entry.

"The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks," FireEye wrote. "The second DLL in turn drops the callback component, which talks to a remote domain."

An Adobe spokesperson said the company is investigating the issue. "We will provide an update as soon as we have more information," the company said.